import { Context } from "jsr:@oak/oak/context";
import { Next } from "jsr:@oak/oak/middleware";
import { AuthErrors } from "../errors/AppError.ts";
import { getAuth } from "../services/auth.ts";

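/**
 * Oak middleware that lets the request continue only when the current user
 * holds the "admin" role.
 *
 * The user is read from `ctx.state.user`, which this function does not set.
 * Presumably an earlier authentication middleware populates it; confirm that
 * every route using `adminOnly` registers that middleware first.
 *
 * @param ctx - Oak request context; `ctx.state.user.id` is passed to the role check.
 * @param next - Next middleware in the chain, awaited only after the role check passes.
 * @throws AuthErrors.Unauthorized when the context carries no user (or no user id),
 *   or when the role check does not report the user as an admin.
 */
export async function adminOnly(ctx: Context, next: Next) {
  const auth = getAuth();
  const user = ctx.state.user;

  // Fail closed: without this guard a request that reaches the middleware with
  // no authenticated user dereferences `undefined` and surfaces as an unhandled
  // TypeError instead of an explicit authorization failure.
  if (user?.id == null) {
    throw AuthErrors.Unauthorized();
  }

  // Check whether the user has the administrator role.
  const isAdmin = await auth.checkUserRole(user.id, "admin");

  // NOTE(review): an authenticated non-admin is conventionally a "forbidden"
  // condition rather than "unauthorized"; Unauthorized is kept because it is
  // the only error factory visible in this file.
  if (!isAdmin) {
    throw AuthErrors.Unauthorized();
  }

  await next();
}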